Socket (socket.dev) Logo

Socket (socket.dev)

Threat Researcher

Reposted Yesterday
Remote
Hiring Remotely in United States
126K-170K Annually
Junior
Remote
Hiring Remotely in United States
126K-170K Annually
Junior
As a Threat Analyst at Socket, you'll analyze threats, automate workflows, author research, and collaborate with engineering for security enhancements.
The summary above was generated by AI

About Us

Socket helps devs and security teams ship faster by cutting out security busywork. Thousands of orgs use Socket to safely find, audit, and manage open source code. Our customers - from Anthropic to xAI, and Figma to Vercel - love Socket (just check out their tweets to see for yourself!)


Founded by Feross Aboukhadijeh, a long-time open source maintainer with software downloaded over a billion times a month, Socket has raised $125M in funding from top angels, operators, and security leaders.

About the Role

Socket is looking for a Threat Researcher to join our growing Threat Intelligence Team. In this role, you’ll tackle cutting-edge threats in the software supply chain, leveraging our proprietary AI-based scanner and building tools to enhance malware analysis. You’ll secure open source ecosystems, strengthen threat detection across multiple programming languages, and conduct research that helps protect developers and organizations worldwide. This is not an entry-level position. This is a hands-on role for someone passionate about threat hunting, security research, automation, and turning insights into actionable defenses.

What You'll Do

  • Analyze numerous unique threats daily, maintaining a standard of quality that sets the industry benchmark for supply chain security.

  • Author high-impact technical blog posts on malicious open source code packages and extensions, and publish deep-dive research pieces on malicious campaigns, threat actor profiles, novel attack vectors, and ecosystem-wide trends.

  • Design and build automated scripts and tools to streamline malware analysis, enhancing our data collection, threat analysis, and threat hunting workflows.

  • Partner with our engineering team to integrate your research into our core product, turning manual insights into scalable, real-time protection.

  • Leverage expertise in open source software ecosystems to enhance security across package registries, browser extensions (Chrome/VS Code), and proactively monitor GitHub/GitLab for emerging malicious campaigns.

  • Track APT (Advanced Persistent Threat) adversaries, characterizing various TTPs (Tactics, Techniques, and Procedures), capabilities, infrastructure, and campaigns.

What You'll Bring

Required:

  • 3+ years of work experience and a master’s degree in computer science, engineering, or a related field (or equivalent experience).

  • Technical experience across several areas of security operations, including investigations, incident response and management, digital forensics, malware analysis, reverse engineering, threat intelligence, threat hunting, and detection engineering.

  • Excellent communication skills and the ability to assess the relevance and impact of threats.

  • Experience building tools for automation, data collection, and threat hunting.

  • Passion for open source and code.

Preferred:

  • Familiarity with TypeScript/JavaScript and/or other programming languages and ecosystems protected by Socket.

  • Experience leveraging LLMs or AI-based tools for threat detection.

We know how important clarity is when looking for a new role, so we've put together a read-me about the Interview Process at Socket.

Benefits: Our benefits are crafted to support you and your family, so you can take care of what matters most and thrive in and outside of work. We offer:

  • Market competitive salary bands

  • Meaningful equity program

  • Comprehensive health benefits for you and your family (99% coverage)

  • Flexible time-off, holidays, and winter shutdown to rest & recharge

  • Paid parental leave

  • Remote-first, with quarterly team off-sites

At Socket, we

  1. Pursue Excellence: We set ourselves apart by consistently delivering work of exceptional quality and distinction.

  2. Move with urgency and focus: We prioritize swift, decisive action.

  3. Think rigorously: We care about being right and it often takes reasoning from first principles to get there. We value alternative perspectives and have constructive discussions.

  4. Trust and amplify: We overtrust, always assume good intent, and give specific feedback to help each other improve.

  5. Feel a strong sense of ownership: We wear many hats and feel a strong sense of overall ownership of the company and we're non-territorial regarding our nominal domains.

  6. Are customer obsessed: We relentlessly prioritize the needs of our customers, striving to exceed their expectations and delight them at every interaction.

Similar Jobs

10 Days Ago
Remote
United States
Senior level
Senior level
Artificial Intelligence • Security • Software • Cybersecurity
Lead and build the threat research function: curate intelligence knowledge bases, conduct original research on threat actors and TTPs across endpoint, cloud, and IAM, prototype AI-assisted tooling, translate findings into hunt hypotheses and detection rules, and partner with product, engineering, and customers to prioritize detections and drive strategy.
Top Skills: Agentic AiAi-Assisted Development ToolsCloud TelemetryEndpoint TelemetryIdentity And Access Management (Iam)OsintThreat Hunting PlatformThreat Intelligence (Cti)
10 Days Ago
Remote
United States
135K-145K Annually
Entry level
135K-145K Annually
Entry level
Cloud • Software • Cybersecurity
Perform static and dynamic malware analysis, reverse engineer payloads, develop emulations and detection logic (C++, C#, PowerShell, etc.), identify telemetry gaps (Sysmon, auditd, EDR), debug with x64dbg/WinDbg, produce technical reports, and support threat hunting and incident response.
Top Skills: Api MonitorAuditdC#C++Detect It EasyEdrJavaScriptPerlPowershellPythonSplunk SplSysmonSystem InformerVbscriptWindbgX64Dbg
25 Days Ago
In-Office or Remote
151K-208K Annually
Senior level
151K-208K Annually
Senior level
Cloud • Security • Cybersecurity
The Threat Intelligence Researcher (Cloud) will analyze and report on advanced threats targeting cloud environments, utilizing multiple data sources to track threat actors and incidents.
Top Skills: AWSAzureCloud SecurityGCPKubernetesQuery LanguagesScriptingThreat IntelligenceYara

What you need to know about the Chicago Tech Scene

With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.

Key Facts About Chicago Tech

  • Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
  • Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
  • Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
  • Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
  • Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account